Fluid Attacks Database

Description

libsndfile through 1.2.2 has an ogg_vorbis.c vorbis_analysis_wrote out-of-bounds read.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 11	libsndfile	=1.0.31-2 \|\| >=0 <1.0.31-2+deb11u1	1.0.31-2+deb11u1
alpine v3.21	libsndfile	=1.0.19-r0 \|\| =1.0.20-r0 \|\| =1.0.21-r0 \|\| =1.0.21-r1 \|\| =1.0.21-r2 \|\| =1.0.21-r3 \|\| =1.0.22-r0 \|\| =1.0.23-r0 \|\| =1.0.23-r1 \|\| =1.0.24-r0 \|\| =1.0.24-r1 \|\| =1.0.25-r0 \|\| =1.0.25-r1 \|\| =1.0.25-r2 \|\| =1.0.25-r3 \|\| =1.0.26-r0 \|\| =1.0.27-r0 \|\| =1.0.28-r0 \|\| =1.0.28-r1 \|\| =1.0.28-r2 \|\| =1.0.28-r3 \|\| =1.0.28-r4 \|\| =1.0.28-r5 \|\| =1.0.28-r6 \|\| =1.0.28-r7 \|\| =1.0.28-r8 \|\| =1.0.29-r0 \|\| =1.0.29-r1 \|\| =1.0.31-r0 \|\| =1.0.31-r1 \|\| =1.1.0-r0 \|\| =1.1.0-r1 \|\| =1.1.0-r2 \|\| =1.1.0-r3 \|\| =1.2.0-r0 \|\| =1.2.0-r1 \|\| =1.2.0-r2 \|\| =1.2.0-r3 \|\| =1.2.2-r0 \|\| =1.2.2-r1 \|\| >=0 <1.2.2-r2	1.2.2-r2
alpine v3.18	libsndfile	=1.0.19-r0 \|\| =1.0.20-r0 \|\| =1.0.21-r0 \|\| =1.0.21-r1 \|\| =1.0.21-r2 \|\| =1.0.21-r3 \|\| =1.0.22-r0 \|\| =1.0.23-r0 \|\| =1.0.23-r1 \|\| =1.0.24-r0 \|\| =1.0.24-r1 \|\| =1.0.25-r0 \|\| =1.0.25-r1 \|\| =1.0.25-r2 \|\| =1.0.25-r3 \|\| =1.0.26-r0 \|\| =1.0.27-r0 \|\| =1.0.28-r0 \|\| =1.0.28-r1 \|\| =1.0.28-r2 \|\| =1.0.28-r3 \|\| =1.0.28-r4 \|\| =1.0.28-r5 \|\| =1.0.28-r6 \|\| =1.0.28-r7 \|\| =1.0.28-r8 \|\| =1.0.29-r0 \|\| =1.0.29-r1 \|\| =1.0.31-r0 \|\| =1.0.31-r1 \|\| =1.1.0-r0 \|\| =1.1.0-r1 \|\| =1.1.0-r2 \|\| =1.1.0-r3 \|\| =1.2.0-r0 \|\| =1.2.0-r1 \|\| =1.2.0-r2 \|\| =1.2.2-r0 \|\| >=0 <1.2.2-r1	1.2.2-r1
alpine v3.19	libsndfile	=1.0.19-r0 \|\| =1.0.20-r0 \|\| =1.0.21-r0 \|\| =1.0.21-r1 \|\| =1.0.21-r2 \|\| =1.0.21-r3 \|\| =1.0.22-r0 \|\| =1.0.23-r0 \|\| =1.0.23-r1 \|\| =1.0.24-r0 \|\| =1.0.24-r1 \|\| =1.0.25-r0 \|\| =1.0.25-r1 \|\| =1.0.25-r2 \|\| =1.0.25-r3 \|\| =1.0.26-r0 \|\| =1.0.27-r0 \|\| =1.0.28-r0 \|\| =1.0.28-r1 \|\| =1.0.28-r2 \|\| =1.0.28-r3 \|\| =1.0.28-r4 \|\| =1.0.28-r5 \|\| =1.0.28-r6 \|\| =1.0.28-r7 \|\| =1.0.28-r8 \|\| =1.0.29-r0 \|\| =1.0.29-r1 \|\| =1.0.31-r0 \|\| =1.0.31-r1 \|\| =1.1.0-r0 \|\| =1.1.0-r1 \|\| =1.1.0-r2 \|\| =1.1.0-r3 \|\| =1.2.0-r0 \|\| =1.2.0-r1 \|\| =1.2.0-r2 \|\| =1.2.0-r3 \|\| =1.2.2-r0 \|\| >=0 <1.2.2-r1	1.2.2-r1
alpine v3.20	libsndfile	=1.0.19-r0 \|\| =1.0.20-r0 \|\| =1.0.21-r0 \|\| =1.0.21-r1 \|\| =1.0.21-r2 \|\| =1.0.21-r3 \|\| =1.0.22-r0 \|\| =1.0.23-r0 \|\| =1.0.23-r1 \|\| =1.0.24-r0 \|\| =1.0.24-r1 \|\| =1.0.25-r0 \|\| =1.0.25-r1 \|\| =1.0.25-r2 \|\| =1.0.25-r3 \|\| =1.0.26-r0 \|\| =1.0.27-r0 \|\| =1.0.28-r0 \|\| =1.0.28-r1 \|\| =1.0.28-r2 \|\| =1.0.28-r3 \|\| =1.0.28-r4 \|\| =1.0.28-r5 \|\| =1.0.28-r6 \|\| =1.0.28-r7 \|\| =1.0.28-r8 \|\| =1.0.29-r0 \|\| =1.0.29-r1 \|\| =1.0.31-r0 \|\| =1.0.31-r1 \|\| =1.1.0-r0 \|\| =1.1.0-r1 \|\| =1.1.0-r2 \|\| =1.1.0-r3 \|\| =1.2.0-r0 \|\| =1.2.0-r1 \|\| =1.2.0-r2 \|\| =1.2.0-r3 \|\| =1.2.2-r0 \|\| >=0 <1.2.2-r1	1.2.2-r1
debian 14	libsndfile	>=0 <1.2.2-2	1.2.2-2
alpine v3.22	libsndfile	=1.0.19-r0 \|\| =1.0.20-r0 \|\| =1.0.21-r0 \|\| =1.0.21-r1 \|\| =1.0.21-r2 \|\| =1.0.21-r3 \|\| =1.0.22-r0 \|\| =1.0.23-r0 \|\| =1.0.23-r1 \|\| =1.0.24-r0 \|\| =1.0.24-r1 \|\| =1.0.25-r0 \|\| =1.0.25-r1 \|\| =1.0.25-r2 \|\| =1.0.25-r3 \|\| =1.0.26-r0 \|\| =1.0.27-r0 \|\| =1.0.28-r0 \|\| =1.0.28-r1 \|\| =1.0.28-r2 \|\| =1.0.28-r3 \|\| =1.0.28-r4 \|\| =1.0.28-r5 \|\| =1.0.28-r6 \|\| =1.0.28-r7 \|\| =1.0.28-r8 \|\| =1.0.29-r0 \|\| =1.0.29-r1 \|\| =1.0.31-r0 \|\| =1.0.31-r1 \|\| =1.1.0-r0 \|\| =1.1.0-r1 \|\| =1.1.0-r2 \|\| =1.1.0-r3 \|\| =1.2.0-r0 \|\| =1.2.0-r1 \|\| =1.2.0-r2 \|\| =1.2.0-r3 \|\| =1.2.2-r0 \|\| =1.2.2-r1 \|\| >=0 <1.2.2-r2	1.2.2-r2
debian 12	libsndfile	=1.2.0-1 \|\| >=0 <1.2.0-1+deb12u1	1.2.0-1+deb12u1
debian 13	libsndfile	>=0 <1.2.2-2	1.2.2-2
alpine v3.23	libsndfile	=1.0.19-r0 \|\| =1.0.20-r0 \|\| =1.0.21-r0 \|\| =1.0.21-r1 \|\| =1.0.21-r2 \|\| =1.0.21-r3 \|\| =1.0.22-r0 \|\| =1.0.23-r0 \|\| =1.0.23-r1 \|\| =1.0.24-r0 \|\| =1.0.24-r1 \|\| =1.0.25-r0 \|\| =1.0.25-r1 \|\| =1.0.25-r2 \|\| =1.0.25-r3 \|\| =1.0.26-r0 \|\| =1.0.27-r0 \|\| =1.0.28-r0 \|\| =1.0.28-r1 \|\| =1.0.28-r2 \|\| =1.0.28-r3 \|\| =1.0.28-r4 \|\| =1.0.28-r5 \|\| =1.0.28-r6 \|\| =1.0.28-r7 \|\| =1.0.28-r8 \|\| =1.0.29-r0 \|\| =1.0.29-r1 \|\| =1.0.31-r0 \|\| =1.0.31-r1 \|\| =1.1.0-r0 \|\| =1.1.0-r1 \|\| =1.1.0-r2 \|\| =1.1.0-r3 \|\| =1.2.0-r0 \|\| =1.2.0-r1 \|\| =1.2.0-r2 \|\| =1.2.0-r3 \|\| =1.2.2-r0 \|\| =1.2.2-r1 \|\| >=0 <1.2.2-r2	1.2.2-r2

1-10 of 14

Aliases

1. CVE-2024-506122. NVD-2024-506123. OSV-DEBIAN-2024-506124. OSV-2024-506125. OSV-ALPINE-2024-506126. SECURITY-TRACKER-CVE-2024-506127. SECURITY-CVE-2024-50612

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.